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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions, and 
listings, of claims in the application: 

Claim 1 (currently amended) : A communications method for use 
in a system comprising a first, second and third nodes, and a 
first secret, said first secret being shared between the 
first and second nodes to secure communications between said 
first and second nodes, the method comprising: 

operating the first node to establish a secure 
communications session with said second node using the first 
shared secret to secure the contents of packets communicated 
from the first node that are directed to the second node as 
part of the secure communications session , packets 
communicated from the first node that are directed to the 
second node being addressed to said second node by use of a 
second node destination address ; 

operating a third node which is coupled to said first 
and second nodes to maintain in memory a copy of said first 
shared secret; and 

operating the third node to receive a secure flow of 
packets from the first node that are directed to said second 
node as part of the secure communications session. 

Claim 2 (original) : The method of claim 1, further 
comprising : 

operating the third node to receive from s^aid second 
node the first shared secret and to store the first shared 
secret in memory, said received first shared secret being 
encrypted using a second shared secret known to the second 
and third nodes . 
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Claim 3 (original): The method of claim 2, further 
comprising: 

operating said third node to receive and process packets 
sent from said first node as part of said established 
communications session, said third node sending a message to 
the first node indicating successful receipt of packets by 
said second node. 

Claim 4 (original) : The method of claim 3, wherein said 
third node uses said first shared secret to secure the 
message to the first node. 

Claim 5 (previously presented) : The method of claim 4, 
wherein said third node operates as an application proxy for 
said second node during said secure communications session 
without informing said first node that the third node is 
acting as a proxy in the place of said second node. 

Claim 6 (original) : The method of claim 5, further 
comprising: 

operating the third node to transmit information 
obtained from said communications session while said third 
node was acting as a proxy for said second node to said 
second node; and 

operating the second node to continue the secure 
communications session with the first node. 

Claim 7 (original): The method of claim l f further 
comprising: 

operating the third node to inspect the secure packet 

flow from the first node, said step of inspecting said secure 

packet flow including performing at least one of a group of 
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security steps which use the first shared secret, said group 
of security steps comprising: decrypting a packet, integrity 
checking contents of a packet, and authenticating a sender of 
a packet . 

Claim 8 (original): The method of claim 7, further 
comprising: 

operating the third node to drop the packet from the 
packet flow if the performed at least one of the group of 
security checks fails. 

Claim 9 (original) : The method of claim 7 , further 
comprising : 

operating the third node to additionally process the 
packets from the packet flow if no performed security check 
in said group of security checks fails. 

Claim 10 (original): The method of claim 9, further 
comprising: 

operating the third node to identify a packet with a 
disallowed packet payload by comparing at least a portion of 
the payload of each packet in the packet flow to information 
indicating allowed packet payloads, payloads of a type which 
are not indicated by said information being disallowed packet 
payloads . 

Claim 11 (original): The method of claim 10, further 
comprising: 

operating the third node to drop an identified packet 
with a disallowed packet payload. 
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Claim 12 (original) : The method of claim 10, further- 
comprising: 

operating the third node to modify the packet payload of 
packets identified to include a disallowed packet payload 
based on stored information indicating payload modifications 
to be made to disallowed packet payloads . 

Claim 13 (original): The method of claim 12, wherein the 
modified payload generated by modifying a packet payload 
includes a message indicating that an erroneous payload was 
detected at the third node. 

Claim 14 (original): The method of claim 10, further 
comprising: 

operating the third node to process at least two packets 
in the packet flow to produce at least a third packet. 

Claim 15 (original): The method of claim 9, further 
comprising; 

operating the third node to generate an additional 
packet flow from the received packet flow directed to the 
second node and to forward the additional packet flow to the 
second node, packets in said additional packet flow having a 
source address corresponding to the first node and a 
destination address corresponding to the second node, said 
step of generating an additional packet flow including at 
least one of a group of security steps which use the first 
shared secret, the group of security steps consisting of; 
encrypting a packet, adding an integrity check for the 
contents of the packet, and adding an authenticator check for 
the packet sender. 
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Claim 16 (original) : The method of claim 1, wherein the 
second and third nodes each include a second secret used to 
secure communications between the third node and the second 
node, the method further comprising: 

operating the third node to generate an additional 
packet flow from the received packet flow directed to the 
second node and to forward the additional packet flow to the 
second node, packets in said additional packet flow having a 
source address corresponding to the third node and a 
destination address corresponding to the second node, said 
step of generating an additional packet flow including at 
least one of a group of security steps which use the second 
shared secret, the group of security steps consisting of: 
encrypting a packet, adding an integrity check for the 
contents of the packet, and adding an authenticator check for 
the packet sender. 

Claim 17 (original) : The method of claim 16, further 
comprising : 

operating the second node to communicate the first 
shared secret to the third node, the first shared secret 
being encrypted using the second shared secret. 

Claim 18 (original) : The method of claim 17, further 
comprising: 

mutually authenticating the second and third nodes prior 
to the second node transmitting the first shared secret to 
the third node. 

Claim 19 (currently amended) : A communications system, 
comprising : 
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a first node including a first shared secret and a 
communications application for establishing a secure 
communications session using said first shared secret to 
secure packets communicated as part of said secure 
communications session; 

a mobile node including said first shared secret, a 
second shared secret, and at least one communications 
application for maintaining a secure communications session 
with said first node using said first shared secret; 

an intermediate node, coupled to said first node and 
said mobile node, said intermediate node including said first 
shared secret and said second shared secret, said 
intermediate node including: 

means for processing packets re-directed away from 
said mobile node to said intermediate node, said 
redirected packets being packets which were originally 
directed by said first node towards said mobile node as 
part of a secure communications session using said first 
shared secret; and 

means for sending a message to said first node 
secured by said first shared secret indicating 
successful receipt of said packets by said mobile node. 

Claim 2 0 (original) : The communication system of claim 19, 
wherein said intermediate node further includes: 

means for communicating information generated by 
processing packets directed to said mobile node to said 
mobile node in packets secured using said second shared 
secret, said information being the result of application 
processing performed on the payload of at least two data 
packets to generate information not present in either of the 
two data packets. 
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Claim 21 (original): The communication .system of claim 20, 
wherein the mobile node includes means for sending said first 
shared secret to said intermediate node in an encrypted 
format resulting encryption processing using said second 
shared secret . 

Claim 22 (currently amended) : A communications system for 
use with a second node, said communications system 
comprising: 

a first node including: 

memory means for storing a first secret, said 
first secret being shared between the first node 
and the second node to secure communications 
between said first and second nodes; and 

means for establishing a secure communications 
session with said second node using the first 
shared secret to secure the contents of packets 
communicated from the first node that are directed 
to the second node as part of a secure 
communications session; 
a third node, coupled to said first and second nodes, 
the third node including: 

memory means for storing a copy of said 
first shared secret; and 

means for receiving a secure flow of 
packets from the first node that are ire-directed 
away from said second node to said third node, said 
redirected packets being packets which were 
originally directed to said second node as part of 
the secure communications session. 
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Claim 23 (previously presented) : The communication system of 
claim 22, wherein said third node further includes: 

means for receiving from said second node the first 
shared secret; and 

means for storing the first shared secret in memory, 
said received first shared secret being encrypted using a 
second shared secret known to the second and third nodes. 

Claim 24 (previously presented) The communications system 
of claim 22, wherein said first node is a mobile node. 

Claim 25 (currently amended) : A method of operating a third 
node in a system comprising a first node, a second node and 
said third node, a first secret being shared between the 
first and second nodes to secure communications between said 
first and second nodes, the method comprising: 

receiving from said second node the first shared secret; 
storing said first shared secret in memory; and 
receiving a secure flow of packets from the first node 
that are re-directed away from said second node to said third 
node, said redirected packets being packets which were 
originally directed to said second node as part of the secure 
communications session . 

Claim 26 (previously presented) : The method of claim 25, 
wherein said received first shared secret is received in an 
encrypted form, said first shared secret having been 
encrypted using a second shared secret known to the second 
and third nodes . 

Claim 27 (previously presented) : The method of claim 25, 
further comprising : 
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processing packets received from said first node which 
are part of said established communications session; and 

sending a message to the first node indicating 
successful receipt of packets by said second node. 

Claim 2 8 (previously presented) : The method of claim 27, 
wherein said third node uses said first shared secret to 
secure the message to the first node. 

Claim 29 (previously presented) : The method of claim 28, 
wherein said third node operates as an application proxy for 
said second node during a portion of said secure 
communications session without informing said first node that 
the third node is acting as a proxy in the place of said . 
second node. 

Claim 30 (previously presented) : The method of claim 29, 
further comprising: 

transmitting information obtained from said 
communications session while said third node was acting as a 
proxy for said second node to said second node. 

Claim 31 (previously presented) : The method of claim 25, 
further comprising: 

using said first shared secret to decrypt a packet 
included in said secure flow of packets. 

Claim 32 (previously presented) : The method of claim 31, 
further comprising: 

processing said decrypted packet; and 

communicating the result of processing said decrypted 
packet to said second node in an encrypted packet . 
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Claim 33 (previously presented) : The method of claim 25, 
further comprising: 

processing at least two packets in the secure flow of 
packets to produce at least a third packet; and 

communicating, the third packet to the second node. 

Claim 34 (currently amended) : A third node in a system 
comprising a first node, a second node and said third node, a 
first secret being shared between the first and second nodes 
to secure communications between said first and second nodes, 
the method comprising: 

a receiver for receiving from said second node the first 
shared secret; 

memory in which said first shared secret is stored; and 
an agent module for receiving a secure flow of packets 
from the first node that are redirected away from said 
second node to said third node, said redirected packets being 
packets which were originally directed to said second node as 
part of the secure communications session. 

Claim 35 (previously presented) : The third node of claim 34, 
wherein said received first shared secret is received in an 
encrypted form, said first shared secret having been 
encrypted using a second shared secret known to the second 
and third nodes . 

Claim 3 6 (previously presented) : The third node of claim 34, 

wherein said agent module includes: 

a proxy module for processing packets received from said 

first node which are part of said established communications 

session and sending a message to the first node indicating 
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successful receipt of packets by said second node. 

Claim 37 (currently amended) : A third node in a system 
comprising a first node, a second node and said third node, a 
first secret being shared between the first and second nodes 
to secure communications between said first and second nodes, 
the method comprising: 

receiver means for receiving from said second node the 
first shared secret; 

memory means for storing said first shared secret; and 
agent means for receiving a secure flow of packets from 
the first node that are re-directed away from said second 
node to said third node, said redirected packets being 
packets which were originally directed to said second node as 
part of the secure communications session. 

Claim 38 (previously presented): The third node of claim 37, 
wherein said received first shared secret is received in an 
encrypted form, said first shared secret having been 
encrypted using a second shared secret known to the second 
and third nodes . 

Claim 39 (previously presented): The third node of claim 37, 
wherein said agent means includes 

proxy means for processing packets received from 
said first node which are part of said established 
communications session and sending a message to the first 
node indicating successful receipt of packets by said second 
node. 

Claim 40 (previously presented) : A machine readable medium 

including computer executable instructions for controlling a 
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third node in a system comprising a first node, a second node 
and said third node, a first secret being shared between the 
first and second nodes to secure communications between said 
first and second nodes, to perform a communications method 
including the steps of: 

receiving from said second node the first shared secret; 
storing said first, shared secret in memory; and 
receiving a secure flow of packets from the first node 
that are re-directed away from said second node to said third 
node, said redirected packets being packets which were 
originally directed to said second node as part of the secure 
communications session. 

Claim 41 (previously presented): The third node of claim 40, 
wherein said received first shared secret is received in an 
encrypted form, said first shared secret having been 
encrypted using a second shared secret known to the second 
and third nodes . 

Claim 42 .(new): The method of claim 1, wherein the second 
node destination address is a Home Address of the second 
node. 

Claim 43 (new) : A communications method for use in a system 
comprising a first node, a second node and a third node, and 
a first secret, said first secret being shared between the 
first and second nodes to secure communications between said 
first and second nodes, the method comprising: 

operating the first node to establish a secure 
communications session with said second node using the first 
shared secret to secure the contents of packets communicated 
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from the first node that are directed to the second node as 
part of the secure communications session; 

operating, a third node which is coupled to said first 
and second nodes to maintain in memory a copy of said first 
shared secret; and 

operating the third node to receive a secure flow. of 
packets from the first node that are re-directed away from 
said second node to said third node, said redirected packets 
being packets which were originally directed to said second 
node as part of the secure communications session. 

Claim 44 (new) The method of claim 43, wherein packets 
communicated from the first node that are directed to the 
second node as part of the secure communications session 
include a Home Address of the second node as a destination 
address prior to said re-direction. 

Claim 45 (new): The method of claim 43, further comprising: 

operating the third node to receive from said second 
node the first shared secret and to store the first shared 
secret in memory, said received first shared secret being 
encrypted using a second shared secret known to the second 
and third nodes. 

Claim 46 (new): The method of claim 43, further comprising: 

operating said third node to send a message to the first 
node indicating successful receipt of packets by said second 
node, in response to received redirected packets. 

Claim 47 (new) : A communications method for use in a system 
comprising a first node, a second node and a third node, and 
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a first secret, said first secret being shared between the 
first and second nodes to secure communications between said 
first and second nodes, the third node being on a 
communications path extending between said first and second 
nodes, the method comprising: 

operating the first node to establish a secure 
communications session with said second node using the first 
shared secret to secure the contents of packets communicated 
from the first node that are directed to the second node as 
part of the secure communications session; 

operating a third node which is coupled to said first 
and second nodes to maintain in memory a copy of said first 
shared secret ; 

operating the third node to receive a secure flow of 
packets from the first node that are directed to said second 
node as part of the secure communications session; and 

operating the third node to intercept and process said 
received secure flow of packets from the first node. 

Claim 48 (new) The method of claim 47 wherein packets 

directed to said second node include as a destination address 
a Home Address of the second node. 

Claim 49 (new) : The method of claim 47, further 

comprising : 

operating the third node to transmit another packet 
flow, said another packet flow including as a source address 
an address corresponding to the second node and including 
packets generated from said intercepted packets. 

Claim 50 (new): The method of claim 47, further comprising: 
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operating the third node to receive from said second 
node the first shared secret and to store the first shared 
secret in memory, said received first shared secret being 
encrypted using a second shared secret known to the second 
and third nodes . 

Claim 51 (new) : The method of claim 47, further comprising: 

operating said third node, in response to receiving 
packets in said secure flow of packets, to send a message to 
the first node indicating successful receipt of packets by 
said second node. 
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